BTEC FPT INTERNATIONAL COLLEGE
INFORMATION TECHNOLOGY
ASSIGNMENT 1
UNIT: Security
STUDENT : NGUYEN VAN ANH
CLASS : PBIT
STUDENT ID : BDAF19002 8
SUPERVISOR : Le Van Thuan
DaNang, Nov 2021
ASSIGNMENT 1 FRONT SHEET
Qualification: BTEC Level 4 HND Diploma in Computing
Unit number and title: Unit: Security
Submission date: 25/11/
Date received (1st submission):
Re-submission date:
Date received (2nd submission):
Student name: Nguyen Van Anh
Student ID: BDAF
Class: PBIT15101
Assessor name: Le Van Thuan
Student declaration: I certify that the assignment submission is entirely my own work and I fully understand the consequences of plagiarism. I understand that making a false declaration is a form of malpractice.
Student's signature:
Grading grid: P1 P2 P3 P4 M1 M2 D1 D
INTRODUCTION
NorthStar Secure works with medium sized companies in Vietnam, advising on and implementing technical solutions to potential IT security risks. Most customers have outsourced their security concerns due to lacking the technical expertise in house. As part of your role, your manager, Khuong, has asked you to create an engaging presentation to help train junior staff members on the tools and techniques associated with identifying and assessing IT security risks, together with the organisational policies to protect business critical data and equipment. In this report, I will act as a network security person.
CHAPTER 1 BASIC KNOWLEDGE
LO1 Assess risks to IT security.
1.1 Overview about Network Security
Define: Network security is a term that describes security tools, tactics, and policies designed to monitor, prevent, and respond to network intrusions, and protect technical assets, including network traffic. Cybersecurity encompasses hardware and software technologies (including resources like savvy security analysts, hunters, incident responders, etc.) that address potential threats targeting your network. In other words, it's a defense you use to keep the wrong people out of your sensitive data.
Benefits of network security: Cybersecurity exists to help your organization protect not only sensitive information, but also performance, reputation, and even business viability. Continuity and integrity are two key benefits of effective network security.
1.2 Some security threats to organisations. (P1)
1.2.1 Define threats
Cyber security hazards are dangers that can befall everyone who uses the internet and are perpetrated by cybercriminals. Cybercriminals have the ability to attack anyone or any organization. There are many types of threats to cybersecurity, including threats such as:
- Impersonation
- Eavesdropping
- Denial-of-service
- Packet replay
- Man-in-the-middle
- Packet modification
- Information theft
allowed more than 1,500 applications to access private photos of nearly 7 million users. As noted, many Facebook users in Vietnam are affected by these security flaws.
In Vietnam, multiple cyber assaults targeting significant organizations and corporations resulted in the leaking of user data in 2018. The RaidForums Forum published information thought to be the data of over 5 million consumers of the Mobile World digital retail chain in November 2018. Email addresses, transaction histories, and even bank card numbers are among the items that are missing. Shortly after, the data for FPT Shop's F.Friends program's contracts was also released. Hackers have targeted some Vietnamese organizations, including Pet Joint Stock Company and Vietnam Cooperative Bank...
- More than 35,000 smartphones in Vietnam are infected with GhostTeam virus
In January 2018, according to statistics from Bkav's virus monitoring system, more than 35,000 smartphone devices in Vietnam were infected with the GhostTeam virus, which stole Facebook passwords. This malicious code takes advantage of a series of popular Vietnamese applications on Google Play to spread. The hackers' attack methods are quite sophisticated: first, hackers put "clean" popular applications such as perpetual calendar, flashlight, compass... on Google Play for users to install on their phones. After that, these applications automatically download another malicious application. To trick the victim, the "clean" application displays security warnings, such as an infected phone or a slow phone…, with instructions for handling. These are essentially fake warnings, and when the user follows the instructions, the viruses take control of the phone and steal the password of the Facebook account that is in use on the device.
All of the aforementioned events have had far-reaching ramifications. They cause firms to lose a great deal of prestige in information security by causing information and identity theft to many users. This is a major setback for organizations, both in terms of status and financial viability.
Here are some solutions for organizational security:
- Multi-factor authentication
- User security training
- Web & eMail filtering
- Threats detection by installing additional detection applications
- Use Business Continuity Solution for continuous synchronization
- In particular, a team of detection and repair should be built to keep the organization's ongoing confidentiality secure.
1.3 Some of the organization's security procedures. (P2)
- Information encryption
Information encryption is a method of converting data into a different form whose meaning differs from the data before it was altered, with the goal of allowing only a limited number of individuals to access the initial data by decoding the data that has been transformed. Information encryption is a critical component of preventing data breaches.
- Multi-factor authentication
Multi-Factor Authentication (MFA) protects your account, even if your password is compromised. It combines something you know (your password) with something you have (your phone). When you log in to your account, it will send your phone a code. If a cybercriminal breaks your password but doesn't have your phone, then they won't be able to access your account. [2] The nicest aspect about MFA is that it comes standard with most of your accounts, such as Microsoft Office 365, Facebook, and LinkedIn. All you have to do now is enable it. If you just remember one thing from this blog, make it to enable MFA for your personal bank account. You only need one password to prevent fraudsters from stealing your life savings.
- User security training
When it comes to cyber security, people are your weakest link. They enjoy opening attachments and links in eMails, which makes it easy for fraudsters to obtain their credentials. Implementing a network security training plan for your entire organization is the greatest method to prevent this risk. Learning what not to click on should be part of a solid strategy, as should fake phishing attempts that mimic contemporary cyber-attacks. This learning and testing procedure should be repeated on a regular basis to help build your human firewall.
- Web & eMail filtering
Because humans are incapable of catching every attack, it's a good idea to enlist the help of a threat intelligence filtering service. Before they reach your users, the service examines eMail attachments and internet hyperlinks and activates them securely in the
However, a reactive defense approach essentially inadvertently allows sophisticated adversaries to "dwell" undetected inside the network for weeks, months, or even years, giving them plenty of time to find and steal valuable data or disrupt business.
Threat tracing, on the other hand, is a proactive way of safeguarding an organization's IT infrastructure. It is the proactive practice of searching an enterprise network for signals of hostile activity without being aware of them beforehand. This mission helps security professionals to detect sophisticated dangers lurking in a company's network environment.
After looking for threats, we can build a network security assessment process as follows:
Step 1: Preliminary survey of the system
Depending on the requirements of each person and each facility, conduct customer interviews, and learn and collect basic information about the network system and their needs.
The goal of preliminary research is to figure out what the nature of any lingering issues in the customer's system is. This study is unique to each customer, thus there is no standard format, but it is heavily influenced by the customer's existing system and the expert's prior experience with gathering preliminary data.
Step 2: Build an assessment scenario
Based on preliminary research results, recommend to the organization the evaluation method and criteria suitable to the organization's system. The methods that are selected include:
- Select the item needed for a comprehensive cybersecurity risk assessment: Website or intranet
- Select the appropriate evaluation criteria for the existing network: the network security assessment standard for the Bank is different from the network security assessment standard of the Airport, the Hospital...
- Select the Checklist to evaluate the suitability of the network system: for example, the current network system of Cisco needs to evaluate the security of network equipment according to the Checklist proposed by Cisco itself.
- Choose whether to re-plan the network, build a new network or temporarily repair it to limit security risks.
- Select a tool to perform a network security assessment.
Step 3: Check and assess network security risks
Cybersecurity engineers will perform a comprehensive network security assessment of the network according to the method chosen by the customer in step 2. Although the assessment may vary depending on different network systems, the method will still revolve around the following basic issues:
- Black box testing (BlackBox). Engineers act as users and will not be deeply involved in the system. A black box assessment may not take as much time and effort as a white box, but the results are incredibly important. The reason is that a hacker basically starts out as a regular user as well. Vulnerabilities and threats reported from black box testing are extremely important.
- White Box Testing. Evaluation engineers will be deeply involved and systematic, and knowledgeable about the system. The assessment of risks will come from inside and outside the system. Evaluation results from white box testing are more comprehensive than black box. White box testing can include code review.
Factors to ensure information security
Cybersecurity engineers must have a thorough understanding of the variables that contribute to information and network security, as well as the ability to comprehensively assess potential security hazards to the customer's system. These elements include:
- Confidentiality. Information must be kept confidential and used for the right audience.
- Integrity. Information must be complete, structurally intact, and free from contradictions.
- Ready. Information must always be readily accessible, to serve the right purpose and in the right way.
- Accuracy. Information must be accurate and reliable.
- Non-repudiation. The information is verifiable from the source or the informant.
Cybersecurity and information security threats
To ensure security, it is necessary to maintain warranty and maintenance for network security services every 3 months, 6 months or 1 year. The Cybersecurity Engineer will assist in a cybersecurity reassessment for required system changes:
- Add services to the system.
- Update professional software in the system.
- Change the Security policy to accommodate new systems.
- Change hardware: Firewall, Switch, server...
- And any changes that affect the results of the cybersecurity assessment.
Step 7: Solve network security problems
After completing the above steps, based on the assessment in step 3 and the report in step 4, remove threats and build defenses for the system.
1.4.2 The organization's current weakness or threat
Businesses must boost the protection of one of their most precious assets – data – as the frequency of cyberattacks continues to rise. To do so, companies must first identify their shortcomings before taking steps to address them.
Current weaknesses or threats the organization may face:
- The computers in the enterprise's system can be controlled or infected with viruses and malicious code.
- The organization's Web server, FTP server, or Email server is hacked.
- The organization suffers from a denial of service attack.
- The organization has a need to investigate the perpetrators of network attacks.
- The organization is smeared, defamed, or impersonated on social networks and needs to collect information about the perpetrator.
1.4.3 My recommended tools to handle IT security risks
Some website security testing tools:
- Gamasec
Gamasec is a website scanning application that can analyze the whole file and structure of a website. To avoid any security concerns, Gamasec scans and detects network weaknesses and malware. This utility will export a report after the scan is completed so that the administrator can comprehend the network state.
- Norton Safe Web
Symantec's Norton Safe Web is a dependable piece of software. This tool will determine whether or not the website is safe for users and their computers to visit.
- McAfee SiteAdvisor Software
McAfee SiteAdvisor Software is a tool to help check for malicious code, malicious java, and spyware that can harm your computer. Besides, this tool also helps Google give warnings about unsafe websites.
- AVG Online Web Page Scanner
This website security check tool allows you to check the safety of the website. The task of the tool is to see if the website has any risk of harming users.
- McAfee – Domain Health Check
This is a free tool of McAfee that allows you to check the website's traffic and assess the "health of the website" of the business.
Some system security tools:
- Nessus – System security checker
For network administrators, finding security holes in the system is always the most important thing. And Nessus is the most popular tool because Nessus has a large database of security vulnerabilities. On the other hand, this tool can automatically update new errors after checking.
- Kali Linux Tools
Kali Linux is considered a perfect product to detect attack vulnerabilities in the network. This is a free, open source tool that helps you penetrate many small systems at the same time. In fact, this Kali Linux System Security Tool combines 300 penetration testing and security testing programs in a single Linux operating system. Thus, network administrators can effectively check the risk and the threat of attack.
- System Security Tool OpenVas
- Each online computer has its own digital signature, called an IP (Internet Protocol) address. Therefore, without the support of a firewall, it is very easy to get infected with malicious code and lose data.
- A correctly configured firewall will help the computer "hide" itself effectively without worrying about being intruded by hackers. A firewall does not work like anti-virus software. However, it is a tool to ensure your computer is free from common network attacks.
Firewall Effect:
- Firewalls bring many beneficial effects to computer systems. Specifically:
- Firewalls prevent unauthorized access to private networks. A firewall acts as a gatekeeper, monitoring all data entering or leaving the private network. When it detects any unauthorized access, it will prevent that traffic from reaching the private network.
- Firewalls help block network attacks.
- Firewalls work as security checkpoints by filtering information connected over the internet to the network or personal computer.
- Easily control connections to the website or restrict some connections from users that the business does not want.
- You can customize the firewall according to your needs by setting the right privacy policies.
Figure 2 Firewall activity diagrams
Windows has a built-in firewall on your computer. To turn it on, open Windows Firewall and click "Turn Windows Firewall On or Off". The options panel will then appear. According to this panel, the system allows you to enable or disable the firewall. You can even aggregate connections to your computer. This is extremely useful when you're on public networks, as they provide you with a secure connection.
Figure 3 Windows Firewall
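The same on/off setting can be checked and applied for every network profile from an elevated PowerShell prompt. This is an added example, not part of the original report; the function names are hypothetical, and the baseline values (block inbound by default, allow outbound, log blocked connections) are assumptions chosen for illustration.

```powershell
#Requires -RunAsAdministrator
# Added example (not from the original report): audit and enable the built-in
# Windows firewall on all three profiles. Function names are hypothetical.

function Get-FirewallAudit {
    # ActiveStore returns the effective settings, i.e. local settings merged
    # with any Group Policy, which is what actually protects the machine.
    Get-NetFirewallProfile -PolicyStore ActiveStore |
        Select-Object Name, Enabled, DefaultInboundAction, DefaultOutboundAction, LogBlocked
}

function Enable-FirewallBaseline {
    param([string[]]$ProfileName = @('Domain', 'Private', 'Public'))

    foreach ($name in $ProfileName) {
        # Equivalent of ticking "Turn on Windows Firewall" for this profile,
        # plus an assumed baseline: drop unsolicited inbound traffic, allow
        # outbound traffic, and log every blocked connection.
        Set-NetFirewallProfile -Name $name `
            -Enabled True `
            -DefaultInboundAction Block `
            -DefaultOutboundAction Allow `
            -LogBlocked True
    }

    # Re-read the effective state. A profile that is still disabled here is
    # being overridden by Group Policy and must be fixed in the GPO instead.
    $stillOff = Get-FirewallAudit | Where-Object { $_.Enabled -ne 'True' }
    foreach ($p in $stillOff) {
        Write-Warning "Profile $($p.Name) is still disabled (check Group Policy)."
    }
    return @($stillOff).Count -eq 0
}

Get-FirewallAudit | Format-Table -AutoSize      # state before the change
if (Enable-FirewallBaseline) { 'All firewall profiles are enabled.' }
Get-FirewallAudit | Format-Table -AutoSize      # state after the change
```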